<?php
namespace juven\libs {
    \defined( '_JEXEC' ) or die( 'Restricted access' );
    
    class PermissionsManager {
        const EVENT_onBefore_HttpGETRequestPermissionsCheck = 'event_onBefore_HttpGETRequestPermissionsCheck';
        const EVENT_onAfter_HttpGETRequestPermissionsCheck  = 'event_onAfter_HttpGETRequestPermissionsCheck';
        const EVENT_onWarning_Regex__preg_match__Error      = "event_onWarning_Regex__preg_match__Error";
        
        protected $_eventsHandlerPointer = \NULL;
        
        public function __construct(){
            $this->_eventsHandlerPointer = function(){ @\error_log(\json_encode(\func_get_args())); };
            juven::eventsManager()->subscribe(self::EVENT_onWarning_Regex__preg_match__Error, new EventCallback($this->_eventsHandlerPointer));
        }
       
        public function authHttpGETRequest(User $user, $controllerName, $actionName, $actionParams){
            $dtp = new \stdClass();
            $dtp->userAllowedGETRequests = $user->GET_Requests;
            $dtp->controllerNameToCheck  = $controllerName;
            $dtp->actionNameToCheck      = $actionName;
            $dtp->paramsToCheck          = $actionParams;
            
            juven::eventsManager()->publish(self::EVENT_onBefore_HttpGETRequestPermissionsCheck, $dtp);
            
            $dtp->controllerNameFound = \FALSE;
            $dtp->actionNameFound     = \FALSE;
            $dtp->actionParamsFound   = \FALSE;
            $dtp->paramsToCheck       = \count($dtp->paramsToCheck) > 0 ? \implode("/", $dtp->paramsToCheck) : \NULL;

            foreach ($dtp->userAllowedGETRequests as $c) {
                if ($c["value"]===$dtp->controllerNameToCheck){
                    $dtp->controllerNameFound = \TRUE; 
                    if (array_key_exists("c", $c)){
                        foreach ($c["c"] as $a) {
                            if ($a["value"]===$dtp->actionNameToCheck){
                                $dtp->actionNameFound = \TRUE;
                                if (array_key_exists("c", $a)){
                                    foreach ($a["c"] as $p) {
                                        $preg_match_results = @\preg_match($p["value"], $dtp->paramsToCheck);
                                        if ($preg_match_results===1){
                                            $dtp->actionParamsFound = \TRUE; break;
                                        } elseif ($preg_match_results===\FALSE){
                                            $dtp->preg_match_error = @\preg_last_error();
                                            $dtp->preg_match_error_msg = "WARNING::Regex preg_match error:";
                                            if ($dtp->preg_match_error!==0){ $dtp->preg_match_error_msg .= Tools::PCRE_preg_last_error2string($dtp->preg_match_error); } 
                                            juven::eventsManager()->publish(self::EVENT_onWarning_Regex__preg_match__Error, $dtp);
                                        }
                                    }
                                }
                                break;
                            }
                        }
                    }
                    break;
                }
            }
            $dtp->allowedPermission = \TRUE;
            
            if ($dtp->controllerNameFound!==\TRUE){
                $dtp->allowedPermission = "WARNING:: Permission denied:: User does NOT have permissions to access this controller [".
                        $dtp->controllerNameToCheck."]";
                juven::eventsManager()->publish(self::EVENT_onAfter_HttpGETRequestPermissionsCheck, $dtp);
                return $dtp->allowedPermission;
            }
            
            if ($dtp->actionNameFound!==\TRUE){
                $dtp->allowedPermission = "WARNING:: Permission denied:: User does NOT have permissions to access action [".
                        $dtp->actionNameToCheck."] of controller [".$dtp->controllerNameToCheck."]";
                juven::eventsManager()->publish(self::EVENT_onAfter_HttpGETRequestPermissionsCheck, $dtp);
                return $dtp->allowedPermission;
            }
            
            if ($dtp->actionParamsFound!==\TRUE){
                $dtp->allowedPermission = "WARNING:: Permission denied:: User does NOT have permissions to access parameters [".
                        $dtp->paramsToCheck."] of action [".$dtp->actionNameToCheck."] of controller [".$dtp->controllerNameToCheck."]";
                juven::eventsManager()->publish(self::EVENT_onAfter_HttpGETRequestPermissionsCheck, $dtp);
                return $dtp->allowedPermission;
            }
            
            juven::eventsManager()->publish(self::EVENT_onAfter_HttpGETRequestPermissionsCheck, $dtp);
            return $dtp->allowedPermission;
        }
    }
}
?>
